CVE-2023-52852
- Source
- https://cve.org/CVERecord?id=CVE-2023-52852
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52852.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-52852
- Downstream
- Published
- 2024-05-21T15:31:47.889Z
- Modified
- 2026-04-02T09:43:24.253116Z
- Summary
- f2fs: compress: fix to avoid use-after-free on dic
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
f2fs: compress: fix to avoid use-after-free on dic
Call trace: __memcpy+0x128/0x250 f2fsreadmulti_pages+0x940/0xf7c f2fsmpagereadpages+0x5a8/0x624 f2fsreadahead+0x5c/0x110 pagecacheraunbounded+0x1b8/0x590 dosyncmmapreadahead+0x1dc/0x2e4 filemapfault+0x254/0xa8c f2fsfilemapfault+0x2c/0x104 __dofault+0x7c/0x238 dohandlemmfault+0x11bc/0x2d14 domemabort+0x3a8/0x1004 el0da+0x3c/0xa0 el0t64synchandler+0xc4/0xec el0t64sync+0x1b4/0x1b8
In f2fsreadmultipages(), once f2fsdecompresscluster() was called if we hit cached page in compressinode's cache, dic may be released, it needs break the loop rather than continuing it, in order to avoid accessing invalid dic pointer.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52852.json" }- References
-
- https://git.kernel.org/stable/c/8c4504cc0c64862740a6acb301e0cfa59580dbc5
- https://git.kernel.org/stable/c/932ddb5c29e884cc6fac20417ece72ba4a35c401
- https://git.kernel.org/stable/c/9375ea7f269093d7c884857ae1f47633a91f429c
- https://git.kernel.org/stable/c/9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2
- https://git.kernel.org/stable/c/b0327c84e91a0f4f0abced8cb83ec86a7083f086
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52852.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-52852
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced6ce19aff0b8cd386860855185c6cd79337fc4d2bFixed8c4504cc0c64862740a6acb301e0cfa59580dbc5Fixed9375ea7f269093d7c884857ae1f47633a91f429cFixed932ddb5c29e884cc6fac20417ece72ba4a35c401Fixed9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2Fixedb0327c84e91a0f4f0abced8cb83ec86a7083f086
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affecteda23706426da9b611be5beae0f3faa260fb453b4e